CVE-2022-23302
Description
JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
log4j:log4jMaven | <= 1.2.17 | — |
org.zenframework.z8.dependencies.commons:log4j-1.2.17Maven | <= 2.0 | — |
Affected products
180- osv-coords179 versionspkg:apk/chainguard/druid-compatpkg:apk/wolfi/druid-compatpkg:maven/log4j/log4jpkg:maven/org.zenframework.z8.dependencies.commons/log4j-1.2.17pkg:rpm/almalinux/parfaitpkg:rpm/almalinux/parfait-examplespkg:rpm/almalinux/parfait-javadocpkg:rpm/almalinux/pcp-parfait-agentpkg:rpm/almalinux/si-unitspkg:rpm/almalinux/si-units-javadocpkg:rpm/almalinux/unit-apipkg:rpm/almalinux/unit-api-javadocpkg:rpm/almalinux/uom-libpkg:rpm/almalinux/uom-lib-javadocpkg:rpm/almalinux/uom-parentpkg:rpm/almalinux/uom-sepkg:rpm/almalinux/uom-se-javadocpkg:rpm/almalinux/uom-systemspkg:rpm/almalinux/uom-systems-javadocpkg:rpm/opensuse/kafka&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kafka-kit&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/kafka-kit&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/log4j12&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/log4j&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/elasticsearch&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/elasticsearch&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/elasticsearch&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/elasticsearch&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/elasticsearch&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/kafka&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/kafka&distro=SUSE%20Package%20Hub%2015%20SP3pkg:rpm/suse/kafka-kit&distro=SUSE%20Package%20Hub%2015%20SP3pkg:rpm/suse/log4j12&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP2pkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/log4j12&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/log4j12&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/log4j12&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/log4j12&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/log4j&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/log4j&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCLpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/log4j&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/log4j&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/log4j&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/log4j&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/log4j&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/logstash&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-agent&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-agent&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-agent&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-agent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-agent&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-log-metrics&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-log-metrics&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-log-metrics&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-log-persister&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-log-persister&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-log-persister&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-log-transformer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-log-transformer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-log-transformer&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-persister-java&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-persister-java&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openstack-monasca-thresh&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-thresh&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-thresh&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openstack-monasca-thresh&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/openstack-monasca-thresh&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/spark&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/spark&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/storm&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/storm&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/venv-openstack-aodh&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-aodh&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-barbican&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-barbican&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-cinder&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-cinder&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-designate&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-designate&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-freezer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-freezer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-glance&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-glance&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-heat&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-heat&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-horizon&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-horizon-hpe&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-ironic&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-keystone&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-keystone&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-magnum&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-magnum&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-manila&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-manila&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca-ceilometer&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-monasca&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-monasca&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-murano&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-murano&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-neutron&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-neutron&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-nova&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-nova&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-octavia&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-octavia&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-sahara&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-sahara&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-swift&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/venv-openstack-swift&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/venv-openstack-trove&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/venv-openstack-trove&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/zookeeper&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/zookeeper&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
< 34.0.0-r6+ 178 more
- (no CPE)range: < 34.0.0-r6
- (no CPE)range: < 34.0.0-r6
- (no CPE)range: <= 1.2.17
- (no CPE)range: <= 2.0
- (no CPE)range: < 0.5.4-4.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.5.4-4.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 0.5.4-4.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.5.4-4.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 0.6.5-2.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.6.5-2.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0-5.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0-5.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0.1-6.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0.1-6.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 1.0.3-3.module_el8.5.0+235+62ea7738
- (no CPE)range: < 1.0.4-3.module_el8.5.0+235+62ea7738
- (no CPE)range: < 1.0.4-3.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.7-1.module_el8.5.0+235+62ea7738
- (no CPE)range: < 0.7-1.module_el8.5.0+2610+de2b8c0b
- (no CPE)range: < 2.1.0-bp153.2.6.1
- (no CPE)range: < 2.1.0-bp153.2.6.1
- (no CPE)range: < 2.1.0-3.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 2.4.2-5.6.1
- (no CPE)range: < 2.4.2-5.6.1
- (no CPE)range: < 2.4.2-6.6.1
- (no CPE)range: < 2.4.2-5.6.1
- (no CPE)range: < 2.4.2-6.6.1
- (no CPE)range: < 0.10.2.2-5.12.1
- (no CPE)range: < 0.10.2.2-5.12.1
- (no CPE)range: < 0.10.2.2-3.5.1
- (no CPE)range: < 0.10.2.2-5.12.1
- (no CPE)range: < 0.10.2.2-3.5.1
- (no CPE)range: < 2.1.0-bp153.2.6.1
- (no CPE)range: < 2.1.0-bp153.2.6.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.17-4.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.15-26.32.20.1
- (no CPE)range: < 1.2.15-26.32.20.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.17-5.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 1.2.15-126.9.1
- (no CPE)range: < 2.4.1-5.10.1
- (no CPE)range: < 2.4.1-5.10.1
- (no CPE)range: < 2.4.1-7.6.1
- (no CPE)range: < 2.4.1-5.10.1
- (no CPE)range: < 2.4.1-7.6.1
- (no CPE)range: < 2.2.6~dev4-3.27.1
- (no CPE)range: < 2.2.6~dev4-3.27.1
- (no CPE)range: < 2.8.2~dev5-3.18.1
- (no CPE)range: < 2.2.6~dev4-3.27.1
- (no CPE)range: < 2.8.2~dev5-3.18.1
- (no CPE)range: < 0.0.1-3.3.1
- (no CPE)range: < 0.0.1-3.3.1
- (no CPE)range: < 0.0.1-3.3.1
- (no CPE)range: < 0.0.1-5.3.1
- (no CPE)range: < 0.0.1-5.3.1
- (no CPE)range: < 0.0.1-5.3.1
- (no CPE)range: < 0.0.1-4.3.1
- (no CPE)range: < 0.0.1-4.3.1
- (no CPE)range: < 0.0.1-4.3.1
- (no CPE)range: < 1.7.1~a0~dev2-3.9.1
- (no CPE)range: < 1.7.1~a0~dev2-3.9.1
- (no CPE)range: < 1.12.1~dev9-15.1
- (no CPE)range: < 1.7.1~a0~dev2-3.9.1
- (no CPE)range: < 1.12.1~dev9-15.1
- (no CPE)range: < 2.1.1-4.6.1
- (no CPE)range: < 2.1.1-4.6.1
- (no CPE)range: < 2.1.1-5.6.1
- (no CPE)range: < 2.1.1-4.6.1
- (no CPE)range: < 2.1.1-5.6.1
- (no CPE)range: < 1.6.3-8.12.1
- (no CPE)range: < 1.6.3-8.12.1
- (no CPE)range: < 2.2.3-5.9.2
- (no CPE)range: < 1.6.3-8.12.1
- (no CPE)range: < 2.2.3-5.9.2
- (no CPE)range: < 1.2.3-3.11.2
- (no CPE)range: < 1.2.3-3.11.2
- (no CPE)range: < 1.2.3-3.8.1
- (no CPE)range: < 1.2.3-3.11.2
- (no CPE)range: < 1.2.3-3.8.1
- (no CPE)range: < 5.1.1~dev7-12.40.1
- (no CPE)range: < 5.1.1~dev7-12.40.1
- (no CPE)range: < 5.0.2~dev3-12.41.1
- (no CPE)range: < 5.0.2~dev3-12.41.1
- (no CPE)range: < 7.0.1~dev24-3.33.1
- (no CPE)range: < 9.0.8~dev7-12.38.1
- (no CPE)range: < 9.0.8~dev7-12.38.1
- (no CPE)range: < 11.2.3~dev29-14.42.1
- (no CPE)range: < 11.2.3~dev29-14.42.1
- (no CPE)range: < 13.0.10~dev23-3.36.1
- (no CPE)range: < 5.0.3~dev7-12.39.1
- (no CPE)range: < 5.0.3~dev7-12.39.1
- (no CPE)range: < 7.0.2~dev2-3.33.1
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.36.1
- (no CPE)range: < 5.0.0.0~xrc2~dev2-10.36.1
- (no CPE)range: < 15.0.3~dev3-12.39.1
- (no CPE)range: < 15.0.3~dev3-12.39.1
- (no CPE)range: < 17.0.1~dev30-3.31.1
- (no CPE)range: < 9.0.8~dev22-12.43.1
- (no CPE)range: < 9.0.8~dev22-12.43.1
- (no CPE)range: < 11.0.4~dev4-3.33.1
- (no CPE)range: < 12.0.5~dev6-14.46.1
- (no CPE)range: < 14.1.1~dev11-4.37.1
- (no CPE)range: < 12.0.5~dev6-14.46.1
- (no CPE)range: < 9.1.8~dev8-12.41.1
- (no CPE)range: < 9.1.8~dev8-12.41.1
- (no CPE)range: < 11.1.5~dev17-4.31.1
- (no CPE)range: < 12.0.4~dev11-11.43.1
- (no CPE)range: < 12.0.4~dev11-11.43.1
- (no CPE)range: < 14.2.1~dev7-3.34.1
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.40.1
- (no CPE)range: < 5.0.2_5.0.2_5.0.2~dev31-11.40.1
- (no CPE)range: < 7.2.1~dev1-4.33.1
- (no CPE)range: < 5.1.1~dev5-12.45.1
- (no CPE)range: < 5.1.1~dev5-12.45.1
- (no CPE)range: < 7.4.2~dev60-3.39.1
- (no CPE)range: < 1.5.1_1.5.1_1.5.1~dev3-8.36.1
- (no CPE)range: < 1.5.1_1.5.1_1.5.1~dev3-8.36.1
- (no CPE)range: < 1.8.2~dev3-3.33.1
- (no CPE)range: < 2.2.2~dev1-11.43.1
- (no CPE)range: < 2.2.2~dev1-11.43.1
- (no CPE)range: < 2.7.1~dev10-3.35.2
- (no CPE)range: < 4.0.2~dev2-12.36.1
- (no CPE)range: < 4.0.2~dev2-12.36.1
- (no CPE)range: < 11.0.9~dev69-13.46.1
- (no CPE)range: < 11.0.9~dev69-13.46.1
- (no CPE)range: < 13.0.8~dev164-6.37.1
- (no CPE)range: < 16.1.9~dev92-11.44.1
- (no CPE)range: < 16.1.9~dev92-11.44.1
- (no CPE)range: < 18.3.1~dev91-3.37.1
- (no CPE)range: < 1.0.6~dev3-12.41.1
- (no CPE)range: < 1.0.6~dev3-12.41.1
- (no CPE)range: < 3.2.3~dev7-4.33.1
- (no CPE)range: < 7.0.5~dev4-11.40.1
- (no CPE)range: < 7.0.5~dev4-11.40.1
- (no CPE)range: < 9.0.2~dev15-3.33.1
- (no CPE)range: < 2.15.2_2.15.2_2.15.2~dev32-11.31.1
- (no CPE)range: < 2.15.2_2.15.2_2.15.2~dev32-11.31.1
- (no CPE)range: < 2.19.2~dev48-2.28.1
- (no CPE)range: < 8.0.2~dev2-11.40.1
- (no CPE)range: < 8.0.2~dev2-11.40.1
- (no CPE)range: < 3.4.10-3.15.1
- (no CPE)range: < 3.4.10-3.15.1
- (no CPE)range: < 3.4.13-3.12.1
- (no CPE)range: < 3.4.10-3.15.1
- (no CPE)range: < 3.4.13-3.12.1
Patches
Vulnerability mechanics
References
11- www.oracle.com/security-alerts/cpuapr2022.htmlnvdPatchThird Party AdvisoryWEB
- www.oracle.com/security-alerts/cpujul2022.htmlnvdPatchThird Party AdvisoryWEB
- www.openwall.com/lists/oss-security/2022/01/18/3nvdMailing ListThird Party AdvisoryWEB
- github.com/advisories/GHSA-w9p3-5cr8-m3jjghsaADVISORY
- lists.apache.org/thread/bsr3l5qz4g0myrjhy9h67bcxodpkwj4wnvdMailing ListMitigationVendor AdvisoryWEB
- logging.apache.org/log4j/1.2/index.htmlnvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2022-23302ghsaADVISORY
- security.netapp.com/advisory/ntap-20220217-0006/nvdThird Party Advisory
- security.netapp.com/advisory/ntap-20220217-0006ghsaWEB
- www.vicarius.io/vsociety/posts/cve-2022-23302-detect-log4j-1217-vulnerabilitynvdWEB
- www.vicarius.io/vsociety/posts/cve-2022-23302-mitigate-log4j-1217-vulnerabilitynvdWEB
News mentions
0No linked articles in our index yet.